[Ubuntu-BR] ultraSurf vs squid
Salles
salles.web em gmail.com
Terça Dezembro 1 19:44:30 UTC 2009
Em Ter, 2009-12-01 às 17:24 -0200, Bruno Eduardo escreveu:
> Caro companheiros, uso ubuntu 9.10 + squid 2.7 + sarg, para gerenciamento de
> rede.
> Tem alguns espertinhos usando o utraSurf para burlar o meu squid, gostaria
> de saber se alguem conseguiu bloquear esse sistema pelo servidor.
> li na net que bloquear a porta 443 resolve mas outros serviços dependem
> dela.
Bruno,
Neste tópico que te envio, está informado que o UltraSurf usa a porta
9666 do localhost... dá uma conferida nos posts:
http://nixcraft.com/linux-software/9158-how-block-ultrasurf.html
- "Are you sure this software only uses 9666 port? If so block it
using /etc/sysconfig/iptables add 9666 as drop rule."
- "yes i'm sure. did u see my iptables script above that block port
9666."
- "Unfortunatley the port un UltraSurf is 9666 on localhost, and the
software is using this as a proxy it is injecting into the IE on the
fly. This equates to a website called http://Ultra1
One way of controlling the program, I have found so far, is to place
ultra1 in the Restricted Zone in Internet Options / Security /
Restricted Sites of IE. Go to Custom Level and set all items to Disable
or High Safety except Popup Blocker.
The program appears to make a lot of DNS calls to find the servers it is
using. Blocking the servers it talks to may be another way, but it is
not using port 80 or whatever your proxy server is."
Outras informações em
http://forums.techarena.in/server-security/1002038.htm
Boa sorte,
Salles (Nethell) Ubuntu User 24389 Linux User 496632
More information about the ubuntu-br
mailing list